Our features site is undergoing a refresh! Be sure to explore the revamped site and discover our latest product roadmap launching here on Monday, March 18th.
New Topic
cPanel & WHM Feature RequestsTopicWeb Applications
Properties
Category Web Applications
Tags mod security

Show end users what ModSecurity rule is being tripped

cPRex shared this idea 19 months ago
Needs Review

At this time, when a cPanel user receives a 403 error, they are not informed what specific ModSecurity rule is causing the problem. If a user doesn't have root access to the machine, they have to do the following:

-contact their hosting provider
-the host has to look through the Apache logs and possibly the ModSecurity audit logs to find the offending rule
-decide on a course of action, which is usually whitelisting the rule for the user

If the end-user was shown which rule was causing a problem inside the cPanel interface, this could be handled more efficiently in two ways:

-the server admin could see the rule quickly and decide on an action
or
-the end user could use a .htaccess entry to bypass that rule for their site

Both option allow less overhead in support for ModSecurity from the provider.

5 I like this idea 0  
Leave a Comment
 
Attach a file

cPanel, WebHost Manager and WHM are registered trademarks of cPanel, L.L.C. for providing its computer software that facilitates the management and configuration of Internet web servers.